Lucene search
+L

31 matches found

cnnvd
cnnvd
added 2024/06/19 12:0 a.m.7 views

VMware Spring Cloud Data Flow Security Vulnerability

VMware Spring Cloud Data Flow is a codebase for streaming and batch processing of data in microservices from VMware, Inc. A security vulnerability exists in VMware Spring Cloud Data Flow that stems from. Improperly cleaned upload paths could allow an attacker to write arbitrary files to any...

8.8CVSS7.1AI score0.17537EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2024/05/23 12:0 a.m.8 views

PT-2024-4070 · Unknown · Spring Cloud Data Flow

Name of the Vulnerable Software and Affected Versions: Spring Cloud Data Flow affected versions not specified Description: The issue is related to improper sanitization for upload paths in the Skipper server, allowing a malicious user with access to the server API to write arbitrary files to any...

8.8CVSS7.1AI score0.17537EPSS
Exploits1References26
osv
osv
added 2024/03/06 11:5 a.m.16 views

BIT-SPRING-CLOUD-DATAFLOW-2020-5427 Possibility of SQL Injection in Spring Cloud Data Flow Task Execution Sorting Query

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...

7.2CVSS7.4AI score0.0106EPSS
Exploits0References2
spring
spring
added 2024/01/16 12:0 a.m.72 views

This Week in Spring - January 16th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's the 16th of January already! We're closer to February than not! I can hardly believe it. As always, we've got a lot to cover so let's dive right into it. the Spring Authorization Server 1.3.0-m1 is now available this is...

7.2AI score
Exploits0
spring
spring
added 2023/02/21 12:0 a.m.26 views

This Week in Spring - February 21, 20223

Hi, Spring fans! Welcome to another installment of This Week in Spring! How're you? I almost forgot today was Tuesday! Here in the US, we had a three day weekend for President's day, and also I've been streaming for a few hours every day or almost every day on my little YouTube channel so the day...

7.4AI score
Exploits0
nvd
nvd
added 2021/01/27 6:15 p.m.20 views

CVE-2020-5427

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...

7.2CVSS6.6AI score0.0106EPSS
Exploits0References1
osv
osv
added 2021/01/27 6:15 p.m.22 views

CVE-2020-5427

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...

7.2CVSS7.9AI score0.0106EPSS
Exploits0References1
prion
prion
added 2021/01/27 6:15 p.m.14 views

Sql injection

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...

6.5CVSS7.3AI score0.0106EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2021/01/27 5:30 p.m.23 views

CVE-2020-5427 Possibility of SQL Injection in Spring Cloud Data Flow Task Execution Sorting Query

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...

5.7CVSS7.4AI score0.0106EPSS
Exploits0References1
cve
cve
added 2021/01/27 5:30 p.m.51 views

CVE-2020-5427

Spring Cloud Data Flow is affected by CVE-2020-5427 in versions 2.6.x prior to 2.6.5 and 2.5.x prior to 2.5.4, where the task execution sorting query is vulnerable to SQL injection. The issue stems from the vulnerable SQL path when requesting task execution. Remediation is to upgrade to version 2...

7.2CVSS6.7AI score0.0106EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2021/01/27 12:0 a.m.7 views

PT-2021-12401 · Spring · Spring Cloud Data Flow

Name of the Vulnerable Software and Affected Versions: Spring Cloud Data Flow versions 2.5.x prior to 2.5.4 Spring Cloud Data Flow versions 2.6.x prior to 2.6.5 Description: The application is vulnerable to SQL injection when requesting task execution. Recommendations: For versions 2.5.x prior to...

7.2CVSS6.3AI score0.0106EPSS
Exploits0References6
Rows per page
Query Builder